Azure AD Sync behind proxy

To run Azure AD Sync (AADSync) behind a proxy, the proxy must allow unauthenticated proxying (i.e. no ID/PWD). If you can fulfill this, then you need to do the following:
  1. Configure the proxy server
  2. Configure AADSync to use the proxy server
Configure the proxy server
Configure the proxy to allow traffic to the Office 365 IPs and URLs.

Configure AADSync
If you have a static ID/PWD for the service account, use the following command to open Internet Options as that account and set the proxy there:
runas /user:domain\serviceuser "control.exe inetcpl.cpl"

In some cases you also need to edit the machine.config for .NET Framework 4.5:
  1. Open C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config
  2. Add proxy settings (case sensitive XML)
Example proxy settings:
<system.net>
  <defaultProxy>
    <proxy usesystemdefault="true" proxyaddress="http://proxy-ip:80" bypassonlocal="true" />
  </defaultProxy>
</system.net>
Sometimes you also need to set the WinHTTP proxy using NetSh:
netsh winhttp set proxy proxy-server="http=myproxy;https=sproxy:88" bypass-list="*.contoso.com"
NetSh commands
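
A read-only check of the settings described above, as an added example that is not from the original post. It assumes 64-bit Windows PowerShell 5.1 on the sync server; the destination URL is an assumed sample, and because the script runs as the current user, any system-default proxy it reports is that user's, not the service account's.

```powershell
# Added example (read-only): inspect the proxy layers this post configures.
$configPath = 'C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Config\machine.config'
$testUri    = [Uri]'https://login.microsoftonline.com/'   # assumed sample destination

# 1. machine.config: the XML is case sensitive, so locate the proxy-related
#    elements case-insensitively and warn about any name in the wrong case.
[xml]$cfg = Get-Content -LiteralPath $configPath -Raw
$elements   = 'system.net', 'defaultProxy', 'proxy'
$attributes = 'usesystemdefault', 'proxyaddress', 'bypassonlocal'

# get_LocalName()/get_Name() avoid PowerShell's XML property adaptation,
# which would otherwise return a "name" attribute instead of the node name.
$found = @($cfg.SelectNodes('//*') | Where-Object { $elements -contains $_.get_LocalName() })
if ($found.Count -eq 0) {
    Write-Warning 'machine.config has no system.net/defaultProxy/proxy elements'
}
foreach ($node in $found) {
    $elementName = $node.get_LocalName()
    if ($elements -cnotcontains $elementName) {
        Write-Warning "Element <$elementName> is not in the expected case"
    }
    foreach ($attr in $node.get_Attributes()) {
        $attrName = $attr.get_Name()
        if (($attributes -contains $attrName) -and ($attributes -cnotcontains $attrName)) {
            Write-Warning "Attribute '$attrName' on <$elementName> is not in the expected case"
        }
        Write-Output ("machine.config <{0}> {1}={2}" -f $elementName, $attrName, $attr.get_Value())
    }
}

# 2. Proxy that .NET Framework resolves for the destination in this session
#    (machine.config combined with the current user's system defaults).
$proxy = [System.Net.WebRequest]::DefaultWebProxy
[pscustomobject]@{
    Destination = $testUri
    Bypassed    = $proxy.IsBypassed($testUri)
    ProxyUsed   = $proxy.GetProxy($testUri)
}

# 3. Machine-wide WinHTTP proxy and bypass list set with "netsh winhttp set proxy".
netsh winhttp show proxy
```

If `Bypassed` is True, or the WinHTTP output shows direct access, that layer is not sending traffic through the proxy, so the proxy's allow list is not being applied to it.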

1 comment:

Unknown said...

This is what I have been looking for for a long time for my education purposes. You explain clearly and cleanly how to configure the proxy server and how to configure AADSync to use the proxy server. It will help me a lot to configure this at my home.